vulnerability
Oracle Linux: CVE-2019-11356: ELSA-2019-1771: cyrus-imapd security update (IMPORTANT)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Jun 4, 2019 | Jul 22, 2024 | Dec 3, 2025 |
Severity
7
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jun 4, 2019
Added
Jul 22, 2024
Modified
Dec 3, 2025
Description
The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
A flaw was found in the CalDAV feature in httpd in Cyrus IMAP. This flaw allows a remote attacker to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
A flaw was found in the CalDAV feature in httpd in Cyrus IMAP. This flaw allows a remote attacker to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name.
Solutions
oracle-linux-upgrade-cyrus-imapdoracle-linux-upgrade-cyrus-imapd-utilsoracle-linux-upgrade-cyrus-imapd-vzic
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.